EUVD-2018-17984

Malware in sbrugna...

EUVD-2018-2425

Malware in sbrugna...

EUVD-2018-17983

Malware in sbrugna...

EUVD-2018-17980

Malware in sbrugna...

EUVD-2023-55663

Malicious code in bioql PyPI...

EUVD-2025-13369

Malicious code in bioql PyPI...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Request Tracker vulnerabilities (USN-7692-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7692-1 advisory. It was discovered that Request Tracker was susceptible to timing attacks. An attacker could possibly use this issue to access sensiti...

CVE-2023-50930

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a...

CVE-2010-1568

The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook before 6.5.0-006 does not properly handle simultaneously composed messages, which might allow remote attackers to obtain cleartext contents of e-mail messages that were intended to be encrypted, aka bug 65623...

CVE-2025-2545 Deprecated 3DES cryptographic algorithm used by Request Tracker in emails encrypted with S/MIME

Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...

CVE-2025-2545 Deprecated 3DES cryptographic algorithm used by Request Tracker in emails encrypted with S/MIME

Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES 3DES cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and insecure due to its susceptibility to birthday attacks, which could...

Linux Distros Unpatched Vulnerability : CVE-2013-4166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gpgctxaddrecipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly...

CentOS 7 : thunderbird (RHSA-2021:2263)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2263 advisory. - OpenPGP secret keys that were imported using Thunderbird version 78.8.1 up to version 78.10.1 were stored unencrypted on the user's local disk. The...

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals

The most dangerous vulnerability you've never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others ar...

Savignano Software Solutions S/Notify Security Breach

Savignano Software Solutions S/Notify is an email encryption program from Savignano Software Solutions, Germany. A security vulnerability previously existed in Savignano Software Solutions S/Notify version 4.0.2, which stemmed from the presence of a cross-site request forgery CSRF vulnerability...

RHEL 7 : kdepim (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kmail: Send Later with Delay bypasses OpenPGP CVE-2017-9604 - KDE KMail does not encrypt attachments in...

RHEL 6 : kdepim (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kmail: Send Later with Delay bypasses OpenPGP CVE-2017-9604 - KDE KMail does not encrypt attachments in...

Design/Logic Flaw

The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third party. Whil...

CVE-2024-1936

The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. Whil...

The vulnerability of the email encryption software for Jira S/Notify, related to the， allows a hacker to perform a CSRF attack.

The vulnerability of the email encryption software for Jira S/Notify is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to execute a CSRF attack remotely...